Platform: Code4rena
Start Date: 18/04/2024
Pot Size: $36,500 USDC
Total HM: 19
Participants: 183
Period: 7 days
Judge: Koolex
Id: 367
League: ETH
Rank: 160/183
Findings: 1
Award: $0.02
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: MrPotatoMagic
Also found by: 0x175, 0x486776, 0x77, 0xAkira, 0xAsen, 0xDemon, 0xabhay, 0xblack_bird, 0xlemon, 0xloscar01, 0xtankr, 3docSec, 4rdiii, Abdessamed, AlexCzm, Angry_Mustache_Man, BiasedMerc, Circolors, Cryptor, DMoore, DPS, DedOhWale, Dinesh11G, Dots, GalloDaSballo, Giorgio, Honour, Imp, Jorgect, Krace, KupiaSec, Mrxstrange, NentoR, Pechenite, PoeAudits, Ryonen, SBSecurity, Sabit, T1MOH, TheFabled, TheSavageTeddy, Tychai0s, VAD37, Vasquez, WildSniper, ZanyBonzy, adam-idarrha, alix40, asui, blutorque, btk, c0pp3rscr3w3r, caglankaan, carrotsmuggler, d_tony7470, dimulski, dinkras, djxploit, falconhoof, forgebyola, grearlake, imare, itsabinashb, josephdara, kartik_giri_47538, ke1caM, kennedy1030, koo, lionking927, ljj, niser93, pep7siup, poslednaya, ptsanev, sashik_eth, shaflow2, steadyman, turvy_fuzz, ubl4nk, valentin_s2304, web3km, xyz, y4y, zhaojohnson, zigtur
0.0234 USDC - $0.02
https://github.com/code-423n4/2024-04-dyad/blob/4a987e536576139793a1c04690336d06c93fca90/src/core/VaultManagerV2.sol#L119
https://github.com/code-423n4/2024-04-dyad/blob/4a987e536576139793a1c04690336d06c93fca90/src/core/VaultManagerV2.sol#L143
The deposit function in the VaultManagerV2 contract doesn't check for a zero amount, so it can cause a normal withdraw operation to fail if an attacker finds a normal withdraw tx in the pending pool and makes a zero-amount deposit tx.
https://github.com/code-423n4/2024-04-dyad/blob/4a987e536576139793a1c04690336d06c93fca90/src/core/VaultManagerV2.sol#L127
In the above line, the deposit function of VaultManagerV2 updates idToBlockOfLastDeposit[id] to the block number even though the given amount is zero.
https://github.com/code-423n4/2024-04-dyad/blob/4a987e536576139793a1c04690336d06c93fca90/src/core/VaultManagerV2.sol#L143
So it can cause the above check to fail, even though it's a normal withdraw operation, if an attacker creates an empty deposit when they find any withdrawal operation in the pending pool. Of course this can cost the attacker some gas, but it can make the tx fail each time the user wants to withdraw, so it can reduce trust in your service; and while the withdraw tx fails several times, the attacker can carry out another kind of attack, as they know the withdraw tx will be created again next time, etc.
vscode, manual review
Add zero amount value in the deposit function, or use the nonReentrant modifier of ReentrancyGuard from openzeppelin-contracts for the withdraw function.
DoS
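The same-block guard described in this finding, reduced to a minimal model with the unchecked deposit beside a hardened one; this is an added example, not the DYAD source and not part of the warden's submission. Only `deposit`, `withdraw` and `idToBlockOfLastDeposit` come from the page; the contract name, `register`, `balanceOf`, `ownerOf`, the error names, and the assumption that anyone may deposit for any id are hypothetical, and token transfers are not modeled.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.17;

/// Hypothetical model contract (added example, not project code).
contract SameBlockGuardModel {
    error DepositedInSameBlock();
    error ZeroAmount();
    error NotOwner();

    mapping(uint256 => uint256) public idToBlockOfLastDeposit;
    mapping(uint256 => uint256) public balanceOf; // assumed bookkeeping
    mapping(uint256 => address) public ownerOf;   // assumed ownership record

    function register(uint256 id) external {
        require(ownerOf[id] == address(0), "id taken");
        ownerOf[id] = msg.sender;
    }

    // Pattern from the finding: the marker for `id` is refreshed for any
    // amount, including 0, so a no-cost call blocks withdraw for this block.
    function depositUnchecked(uint256 id, uint256 amount) external {
        idToBlockOfLastDeposit[id] = block.number;
        balanceOf[id] += amount;
    }

    // Hardened variant. The zero-amount check is the report's recommendation.
    // The owner check goes beyond the report: in this model a non-zero dust
    // deposit from a third party would still refresh the marker.
    function depositChecked(uint256 id, uint256 amount) external {
        if (amount == 0) revert ZeroAmount();
        if (ownerOf[id] != msg.sender) revert NotOwner();
        idToBlockOfLastDeposit[id] = block.number;
        balanceOf[id] += amount;
    }

    // Guard from the finding: no withdraw in the block of the last deposit.
    function withdraw(uint256 id, uint256 amount) external {
        if (ownerOf[id] != msg.sender) revert NotOwner();
        if (idToBlockOfLastDeposit[id] == block.number) {
            revert DepositedInSameBlock();
        }
        balanceOf[id] -= amount; // reverts on underflow in 0.8.x
    }
}
```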
#0 - c4-pre-sort
2024-04-27T11:57:57Z
JustDravee marked the issue as duplicate of #489
#1 - c4-pre-sort
2024-04-29T09:32:32Z
JustDravee marked the issue as sufficient quality report
#2 - c4-judge
2024-05-05T20:42:46Z
koolexcrypto marked the issue as unsatisfactory: Invalid
#3 - c4-judge
2024-05-05T20:45:47Z
koolexcrypto marked the issue as unsatisfactory: Invalid
#4 - c4-judge
2024-05-05T21:57:23Z
koolexcrypto marked the issue as nullified
#5 - c4-judge
2024-05-05T21:57:26Z
koolexcrypto marked the issue as not nullified
#6 - c4-judge
2024-05-08T15:26:26Z
koolexcrypto marked the issue as duplicate of #1001
#7 - c4-judge
2024-05-11T19:48:23Z
koolexcrypto marked the issue as satisfactory